1. Home
  2. Juniper
  3. JN0-1332

Security Design Specialist (JNCDS-SEC)

Exam Details

  • Exam Code
    :JN0-1332
  • Exam Name
    :Security Design Specialist (JNCDS-SEC)
  • Certification
    :JNCDS-SEC
  • Vendor
    :Juniper
  • Total Questions
    :65 Q&As
  • Last Updated
    :May 09, 2024

Juniper JNCDS-SEC JN0-1332 Questions & Answers

  • Question 31:

    You work for an ISP that wants to implement remote-triggered black hole (RTBH) filters. What are three considerations in this scenario? (Choose three.)

    A. Source RTBH can block legitimate traffic on the network

    B. BGP FlowSpec improves the RTBH model by implementing dynamic firewall filters

    C. Source RTBH requires uRPF to be implemented on the service provider's network core

    D. Destination RTBH requires uRPF to be implemented on the service provider's network edge

    E. Destination RTBH essentially completes the attack on the victim's IP

  • Question 32:

    You will be managing 1000 SRX Series devices. Each SRX Series device requires basic source NAT to access the Internet.

    Which product should you use to manage these NAT rules on the SRX Series devices?

    A. Security Director

    B. CSO

    C. Contrail

    D. JSA

  • Question 33:

    You are designing a solution to protect a service provider network against volumetric denial-of-service attacks. Your main concern is to protect the network devices. Which two solutions accomplish this task? (Choose two.)

    A. next-generation firewall

    B. screens

    C. intrusion prevention system

    D. BGP FlowSpec

  • Question 34:

    You must design a small branch office firewall solution that provides application usage statistics.

    In this scenario, which feature would accomplish this task?

    A. AppFW

    B. AppTrack

    C. UTM

    D. AppQoS

  • Question 35:

    You are working with a customer to create a design proposal using SRX Series devices. As part of the design, you must consider the requirements shown below:

    1.

    You must ensure that every packet entering your device is independently inspected against a set of rules.

    2.

    You must provide a way to protect the device from undesired access attempts.

    3.

    You must ensure that you can apply a different set of rules for traffic leaving the device than are in use for traffic entering the device.

    In this scenario, what do you recommend using to accomplish these requirements?

    A. firewall filters

    B. intrusion prevention system

    C. unified threat management

    D. screens

  • Question 36:

    Your customer is getting ready to deploy a new WAN architecture. It must be simple to set up, address hub scaling concerns, and allow the automatic addition of new sites without requiring changes to the hub site. They want to deploy either AutoVPN or Auto Discovery VPN.

    In this scenario, why would you propose Auto Discovery VPN as a solution?

    A. Your customer requires direct spoke-to-spoke communication

    B. OSPF support is required

    C. Only Auto Discovery VPN supports the automatic addition of valid spokes

    D. Your customer needs to configure the hub site only once

  • Question 37:

    Your company has outgrown its existing secure enterprise WAN that is configured to use OSPF, AutoVPN, and IKE version 1. You are asked if it is possible to make a design change to improve the WAN performance without purchasing new hardware.

    Which two design changes satisfy these requirements? (Choose two.)

    A. Modify the IPsec proposal from AES-128 to AES-256

    B. Change the IGP from OSPF to IS-IS

    C. Migrate to IKE version 2

    D. Implement Auto Discovery VPN

  • Question 38:

    You have a campus location with multiple WAN links. You want to specify the primary link used for your VoIP traffic.

    In this scenario, which type of WAN load balancing would you use?

    A. BGP

    B. OSPF

    C. FBF

    D. ECMP

  • Question 39:

    You are creating a security design proposal for an enterprise customer. As part of the design, you are implementing 802.1x authentication on your EX Series devices.

    In this scenario, which two statements are correct? (Choose two.)

    A. The supplicant is the device that prevents the authenticator's access until it is authenticated

    B. The supplicant is the device that is being authenticated

    C. The authenticator is the device that is being authenticated

    D. The authenticator is the device that prevents the supplicant's access until it is authenticated

  • Question 40:

    You are deploying Security Director with the logging and reporting functionality for VMs that use SSDs. You expect to have approximately 20,000 events per second of logging in your network.

    In this scenario, what is the minimum number of log receiver devices that you should use?

    A. 4

    B. 3

    C. 2

    D. 1

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Juniper exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your JN0-1332 exam preparations and Juniper certification application, do not hesitate to visit our Vcedump.com to find your solutions here.